-
Notifications
You must be signed in to change notification settings - Fork 2
315 lines (270 loc) · 10.5 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
---
name: Release
on: # yamllint disable-line rule:truthy
push:
branches:
- main # forward-compatibility with new GitHub default branch naming
- master # backward-compatibility with old GitHub default branch naming
workflow_dispatch:
pull_request:
jobs:
# Shared tag & version number info ----------------------
get-tag-xor-dev-version:
name: Get tags and version numbers
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.detect-new-version-tag.outputs.tag }}
dev-version: ${{ steps.bump-dev-version.outputs.version }}
steps:
- name: Check out the repository
uses: actions/[email protected]
with:
fetch-depth: 2
- name: Set up Python
uses: actions/[email protected]
with:
python-version: "3.11"
- name: Upgrade pip
run: |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name: Install Poetry
run: |
pip install --constraint=.github/workflows/constraints.txt poetry
poetry --version
- name: Check if there is a parent commit
id: check-parent-commit
run: |
echo "sha=$(git rev-parse --verify --quiet HEAD^)" >> $GITHUB_OUTPUT
- name: Detect new version tag
id: detect-new-version-tag
if: "steps.check-parent-commit.outputs.sha"
run: |
BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)
git checkout HEAD~
PARENT_COMMIT_VER=$(make get-project-version-number)
git checkout "${BRANCH_NAME}"
CURRENT_COMMIT_VER=$(make get-project-version-number)
if [[ "${PARENT_COMMIT_VER}" != "${CURRENT_COMMIT_VER}" ]]; then
echo "tag=${CURRENT_COMMIT_VER}" >> $GITHUB_OUTPUT
fi
- name: Bump version for developmental release
id: bump-dev-version
if: "! steps.detect-new-version-tag.outputs.tag"
run: |
poetry version patch &&
VERSION=$(make get-project-version-number) &&
DEV_VERSION="${VERSION}.dev.$(date +%s)" &&
poetry version "${DEV_VERSION}" &&
echo "version=${DEV_VERSION}" >> $GITHUB_OUTPUT
# Package build ----------------------
package-build:
strategy:
matrix:
os: ["ubuntu-latest", "windows-latest", "macos-latest"]
python-version: ["3.8", "3.9", "3.10", "3.11"]
name: Package build
runs-on: ${{ matrix.os }}
needs: get-tag-xor-dev-version
outputs:
is-test-package: ${{ steps.use-dev-version-for-testing.outputs.is_testing }}
package-version: ${{ steps.log-package-version.outputs.version }}
steps:
- name: Check out the repository
uses: actions/[email protected]
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Upgrade pip
run: |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name: Install Poetry
run: |
pip install --constraint=.github/workflows/constraints.txt poetry
poetry --version
- name: Install Tox
run: |
pip install --constraint=.github/workflows/constraints.txt tox
tox --version
- name: Load cached tox testenv(s) (if they exist)
id: cached-poetry-dependencies
uses: actions/[email protected]
with:
path: |
.tox
key: tox-${{ github.workflow }}-${{ github.job }}-${{ runner.os }}-CPython${{ matrix.python-version }}-${{ hashFiles('**/poetry.lock') }}
# Update the project version number to the dev version that was
# generated upstream (only used in non-release builds; else project
# already set to the correct version number)
- name: Use dev project version for testing
id: use-dev-version-for-testing
if: "needs.get-tag-xor-dev-version.outputs.dev-version"
run: |
VERSION=${{ needs.get-tag-xor-dev-version.outputs.dev-version }}
poetry version "${VERSION}"
echo "is_testing=true" >> $GITHUB_OUTPUT
shell: bash
- name: Log package version
id: log-package-version
run: |
VERSION=$(make get-project-version-number)
echo "version=${VERSION}" >> $GITHUB_OUTPUT
shell: bash
- name: Build package
run: |
make package
- name: Store the binary wheel
uses: actions/[email protected]
with:
name: python-package-distributions
path: dist
# PyPI/TestPyPI package upload ----------------------
pypi-packages-upload:
name: PyPI/TestPyPI package upload
runs-on: ubuntu-latest
needs: package-build
outputs:
package-version: ${{ needs.package-build.outputs.package-version }}
steps:
- name: Check out the repository
uses: actions/[email protected]
- name: Set up Python
uses: actions/[email protected]
with:
python-version: "3.11"
- name: Upgrade pip
run: |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name: Download the binary wheels
uses: actions/[email protected]
with:
name: python-package-distributions
path: dist
- name: Publish packages on PyPI
if: "! needs.package-build.outputs.is-test-package"
uses: pypa/[email protected]
with:
user: __token__
password: ${{ secrets.PYPI_TOKEN }} # pragma: allowlist secret
- name: Publish packages on TestPyPI
if: "needs.package-build.outputs.is-test-package"
uses: pypa/[email protected]
with:
user: __token__
password: ${{ secrets.TEST_PYPI_TOKEN }} # pragma: allowlist secret
repository_url: https://test.pypi.org/legacy/
# Install Verification ----------------------
verify-user-install:
strategy:
matrix:
os: ["ubuntu-latest", "windows-latest", "macos-latest"]
python-version: ["3.8", "3.9", "3.10", "3.11"]
name: Verify package install as user
runs-on: ${{ matrix.os }}
needs: pypi-packages-upload
steps:
- name: Check out the repository
uses: actions/[email protected]
- name: Set up Python
uses: actions/[email protected]
with:
python-version: ${{ matrix.python-version }}
- name: Install package-under-test
run: |
PYPI_PACKAGE="cookiecutter-cruft-poetry-tox-pre-commit-ci-cd-instance==${PACKAGE_VERSION}"
TEST_PYPI_PACKAGE="${PYPI_PACKAGE} --index-url https://test.pypi.org/simple/"
function install_test_pypi() { pip install ${TEST_PYPI_PACKAGE} --no-deps && install_pypi; }
function install_pypi() { pip install --upgrade ${PYPI_PACKAGE}; }
until (install_test_pypi || install_pypi)
do
echo "Waiting for Python Package Index to serve current package-under-test: ${PYPI_PACKAGE}"
sleep 10
done
pip list -v
env:
PACKAGE_VERSION: ${{ needs.pypi-packages-upload.outputs.package-version }}
shell: bash
- name: Run basic commands
run: |
cookiecutter-cruft-poetry-tox-pre-commit-ci-cd-instance --help || true
cookiecutter-cruft-poetry-tox-pre-commit-ci-cd-instance --version || true
cookiecutter-cruft-poetry-tox-pre-commit-ci-cd-instance || true
shell: bash
# Docker image build and upload ----------------------
docker-image-build-and-upload:
name: Docker image build and upload
runs-on: ubuntu-latest
needs: get-tag-xor-dev-version
steps:
- name: Check out the repository
uses: actions/[email protected]
- name: Set up Python
uses: actions/[email protected]
with:
python-version: "3.11"
- name: Upgrade pip
run: |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name: Install Poetry
run: |
pip install --constraint=.github/workflows/constraints.txt poetry
poetry --version
# Docker build/push job ----------------------
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Update the project version number to the dev version that was
# generated upstream (only used in non-release builds; else project
# already set to the correct version number)
- name: Use dev project version for testing
id: use-dev-version-for-testing
if: "needs.get-tag-xor-dev-version.outputs.dev-version"
run: |
VERSION=${{ needs.get-tag-xor-dev-version.outputs.dev-version }}
poetry version "${VERSION}"
- name: Get container image metadata
id: container-image-metadata
run: |
CI_TAGGED_IMG=$(echo -n $(make get-docker-img-strong-version-tag get-project-version-number) | tr ' ' '-')
CANONICAL_TAGGED_IMGS=$(echo -n $(make get-docker-img-strong-version-tag get-docker-img-latest-tag) | tr ' ' ',')
echo "tagged_images=${CI_TAGGED_IMG},${CANONICAL_TAGGED_IMGS}" >> $GITHUB_OUTPUT
- name: Build and push container image
id: docker_build
uses: docker/build-push-action@v3
with:
push: true
tags: ${{ steps.container-image-metadata.outputs.tagged_images }}
- name: Log image digest
run: echo ${{ steps.docker_build.outputs.digest }}
# Release notes publication ----------------------
publish-release-notes:
name: Publish release notes
runs-on: ubuntu-latest
needs:
- get-tag-xor-dev-version
- verify-user-install
- docker-image-build-and-upload
permissions:
pull-requests: write
contents: write
steps:
- name: Check out the repository
uses: actions/[email protected]
- name: Publish the release notes
uses: release-drafter/[email protected]
with:
publish: ${{ needs.get-tag-xor-dev-version.outputs.tag != '' }}
# Annotated tag to associate with the current commit
tag: ${{ needs.get-tag-xor-dev-version.outputs.tag }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}